On 6/13/2012 2:31 PM, Nikita Popov wrote:
> Hi internals!
>
> Recent incidents have shown that even very large websites still don't
> get how to do password hashing properly. The sha1 hashes used by
> LinkedIn et al. can be easily cracked even by amateurs without special
> hardware.
>
> What could be the reason for this? Why don't people use bcrypt? It has
> been recommended for *years* already, but still most people don't
> seem to make use of it.

The real problem is this:
Writing a login system is a "rite of passage" for every web programmer
and the majority of tutorials out there are using md5()/sha1() without
salts. Get programmers using trusted, secure systems and we'll start
seeing these problems vanish. This is a social engineering issue, not a
technical one.
http://cubicspot.blogspot.com/2012/05/dear-web-developers-stop-making-login.html

> I think the reason is that it is incredibly hard to use crypt()
> correctly, mainly for the following reasons:
>
> * For many people the syntax is hard to grasp. The hashing algorithm
> is specified as the salt parameter, which is somewhat non-obvious (at
> least for me).
> * The fact that you verify a password using $hash == crypt($password,
> $hash) is equally non-obvious.
> * Generating correct salts for bcrypt is quite complicated. It is
> encoded in some strange base64 format, thus requiring an additional
> function to create it. Additionally it isn't particularly easy to
> fetch the random bytes for the salt as you have to check several
> possibilities for a cross-platform solution (mcrypt initialization
> vector, openssl, /dev/*random, mt_rand etc).

You forgot:
* Prior to PHP 5.3.x, certain key algorithms for bcrypt support were not
necessarily available in crypt().
* Some people are not fans of the output of crypt() or the lack of
input controls.
Other thoughts: mt_rand() does not qualify as random. If you need
random bytes, consider using CSPRNG
(http://barebonescms.com/documentation/csprng/).
--
Thomas Hruska
CubicleSoft President
Barebones CMS is a high-performance, open source content management
system for web developers operating in a team environment.
An open source CubicleSoft initiative.
Your choice of a MIT or LGPL license.
http://barebonescms.com/
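
The points raised in the quoted list (the algorithm travelling inside the salt argument, bcrypt's own base64 alphabet, and verification by re-running crypt() with the stored hash), shown as an added PHP example that is not code from either poster. It assumes PHP 7+ for random_bytes() and a crypt() with "$2y$" support; the helper names bcrypt_salt(), bcrypt_hash() and bcrypt_verify() are hypothetical.

```php
<?php
// Added example, not from the thread. Assumes PHP 7+ (random_bytes) and a
// crypt() that supports the "$2y$" bcrypt prefix. Helper names are hypothetical.

const B64_STD    = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
const B64_BCRYPT = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';

function bcrypt_salt(int $cost = 12): string
{
    if ($cost < 4 || $cost > 31) {
        throw new InvalidArgumentException('bcrypt cost must be between 4 and 31');
    }
    // 16 bytes from the OS CSPRNG; mt_rand() is not suitable here.
    $raw = random_bytes(16);
    // Standard base64 of 16 bytes is 22 characters plus "==" padding.
    // bcrypt wants those 22 characters in its own alphabet, unpadded.
    $encoded = strtr(rtrim(base64_encode($raw), '='), B64_STD, B64_BCRYPT);
    // The algorithm ("2y") and the cost are carried in the salt argument.
    return sprintf('$2y$%02d$%s', $cost, $encoded);
}

function bcrypt_hash(string $password, int $cost = 12): string
{
    $hash = crypt($password, bcrypt_salt($cost));
    // On failure crypt() returns a short marker such as "*0", not a hash.
    if (strlen($hash) !== 60) {
        throw new RuntimeException('crypt() did not produce a bcrypt hash');
    }
    return $hash;
}

function bcrypt_verify(string $password, string $hash): bool
{
    // The stored hash starts with "$2y$<cost>$<salt>", so passing it as the
    // salt re-runs bcrypt with the original parameters.
    $check = crypt($password, $hash);
    // Constant-time comparison rather than ==.
    return strlen($check) === 60 && hash_equals($hash, $check);
}

$stored = bcrypt_hash('correct horse battery staple'); // constructed sample password
var_dump(bcrypt_verify('correct horse battery staple', $stored));
var_dump(bcrypt_verify('wrong guess', $stored));
```

On PHP 5.5 and later, the built-in password_hash() and password_verify() perform these steps.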